cURL / Mailing Lists / curl-library / Single Mail


RE: Support for authentication DIGEST-MD5 for SMTP

From: Steve Holme <>
Date: Wed, 4 Jan 2012 13:26:36 +0000


> It seems libcurl does not have support for authentication
> DIGEST-MD5 for SMTP. Is it just lack of time behind leaving this
> unimplemented or other difficulties that does not worth to struggle?

It is on my to do list but I haven't had the time or need for it to add support yet.

> I am not familiar with the SMTP authentication methods yet but will be familiar in the near future.

> Would you guys be interested with this feature implemented in the
> next libcurl version? Maybe provide some guidance for me to kick off?

Yes of course - please feel free to have a crack at it.

In keeping with the rest of the SMTP code I would recommend:

* Adding a SMTP_AUTHDIGEST state to the list of states similar to SMTP_AUTHCRAM and SMTP_AUTHNTLM etc... (making sure to update names structure that is used in debug builds in state().
* Add smtp_auth_digest() for sending the data.
* Expand smtp_authenticate() to call smtp_auth_digest().
* Add smtp_state_authdigest_resp() for handing the response.
* Expand smtp_statemach_act() to call smtp_state_authdigest_resp().

This is assuming that digest is a single message authentication mechanism unlike NTLM.

Please note that the SMTP module currently doesn't:

1) Allow you to specify preferred authentication mechanisms
2) Honour the server's preferred order of authentication mechanisms that it will send back in it's EHLO response

I hope this helps, but any questions please feel free to ask ;-)

Kind Regards


List admin:
Received on 2012-01-04